Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=copd-treatment-ef4.click
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 11, 2026
Valid Until
August 09, 2026
72 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B0:1A:AA:F4:C2:C1:87:5C:28:8F:75:A7:CD:BB:47:BB:B9:37:EA:E4:F5:46:AF:BD:F3:B6:16:59:3D:41:4F:85
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
pitou.com
*.pitou.com
96wbhmh2mw.world
*.96wbhmh2mw.world
bec88f.live
*.bec88f.live
cinsio.com
*.cinsio.com
clinical-trials-safe-192.sbs
*.clinical-trials-safe-192.sbs
coachfit.co
*.coachfit.co
copd-treatment-ef4.click
*.copd-treatment-ef4.click
cosmetic-clinic-480956716.click
*.cosmetic-clinic-480956716.click
d023quiz0605s.sbs
*.d023quiz0605s.sbs
*.0mzfmz.don88.mobi
*.assets.don88.mobi
don88.mobi
*.don88.mobi
*.azerpost.don88.tv
*.baitushumaccess.don88.tv
*.blablacar.don88.tv
*.click.don88.tv
don88.tv
*.don88.tv
*.doybtadmin.don88.tv
*.edem.don88.tv
*.halykbank.don88.tv
*.mailex.don88.tv
*.ns.don88.tv
*.optimabank.don88.tv
*.personal.don88.tv
*.president-am.don88.tv
*.sutochno.don88.tv
*.test.don88.tv
*.unix.don88.tv
*.ww3.don88.tv
e20q1xt.top
*.e20q1xt.top
easyslim.co
*.easyslim.co
encrkgm468.vip
*.encrkgm468.vip
equalrightsbooks.xyz
*.equalrightsbooks.xyz
fdmejp.equipment
*.fdmejp.equipment
forklift-operator-mb4.click
*.forklift-operator-mb4.click
fuel-credit-cards-ao8.click
*.fuel-credit-cards-ao8.click
getsveing.com
*.getsveing.com
goodenglish.co
*.goodenglish.co
itsrewardtheworld.info
*.itsrewardtheworld.info
lebeling-jobs-new-wp-124121.sbs
*.lebeling-jobs-new-wp-124121.sbs
oregonwomen.com
*.oregonwomen.com
ourfrontdoor.com
*.ourfrontdoor.com
palomarinn.com
*.palomarinn.com
performingzone.com
*.performingzone.com
pinksaddle.com
*.pinksaddle.com
publicmanagement.com
*.publicmanagement.com
situsbet100perak.org
*.situsbet100perak.org
sylvesterveranstaltungen.de
*.sylvesterveranstaltungen.de
thermophilous.com
*.thermophilous.com
uncuerpoenequilibrio.click
*.uncuerpoenequilibrio.click
universaltech.co
*.universaltech.co
visionsalliancelabs.com
*.visionsalliancelabs.com
wohnungjur.com
*.wohnungjur.com
zenvinico.com
*.zenvinico.com
Other domains in certificate